This week, Google has released out-of-band fixes to address a high-severity security vulnerability, tracked as CVE-2025-2783, in the Chrome browser for Windows. The flaw was actively exploited in attacks targeting organizations in Russia.

While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. Attackers are using DeepSeek as a lure to trap unsuspecting Google searchers.

Resecurity discovered a local file inclusion flaw in the data leak site used by BlackLock Ransomware, allowing them to uncover clearnet IP addresses and other details about the cybercriminals' network, aiding in the investigation and disruption.

The vulnerability is due to improper access control. Low-privileged local attackers can exploit this vulnerability in simple attacks without user interaction to escalate privileges on vulnerable VMs.

Google has released out-of-band fixes to address a high-severity security vulnerability, tracked as CVE-2025-2783, in Chrome browser for Windows. The flaw was actively exploited in attacks targeting organizations in Russia.

The CERT-UA uncovered a new cyber espionage campaign targeting employees of defense-industrial complex enterprises and representatives of the Defense Forces of Ukraine with DarkCrystal RAT through the Signal messenger.

A new threat assessment by the Danish Social Security Agency warns that nation-state hackers have an extensive technical understanding of the telecommunications sector’s infrastructure and protocols in cyberattacks against the industry abroad.

The CISA added six vulnerabilities in Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, tracked as CVE-2025-24983, CVE-2025-24984, CVE-2025-24985, CVE-2025-24991, CVE-2025-24993, and CVE-2025-26633.

The group stated that it stole sensitive data such as private correspondence, personal information, and official decrees. The ransomware group declared that they had already sold some of the alleged stolen information to third parties.

Experts say millions of solar units worldwide can be accessed due to these flaws, and they could have manipulated power supplies to cause blackouts, especially amid the ongoing hybrid warfare tensions involving Russia.